Latest CyberSec News by @thecyberpicker

A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection.

Understand essential email security metrics that reveal the strength of your protection and highlight areas for improvement in your security program.

The latest report from AppOmni has revealed 91% confidence in SaaS security while 75% of organizations have faced incidents

This week in cybersecurity from the editors at Cybercrime Magazine

Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far

OpenAI is following Perplexity and is working on its own AI-powered browser codenamed "Aura."

Discover how AsyncRAT evolved from GitHub release to a widespread malware tool, spawning dangerous variants like DCRat and Venom RAT.

AI agents bring productivity but also identity risks in cloud environments. Learn how Astrix secures non-human identities.

A new state-backed campaign using HazyBeacon malware targets Southeast Asian governments to collect sensitive data via AWS Lambda

Depuis le 11 juillet 2025, de nombreux clichés récoltés par l'OSINT montrent l'impact des frappes iraniennes contre la base américaine d'Al Udeid au Qatar. Survenue dans la nuit du 23 au 24 juin 2025, cette salve de missiles balistiques était une réponse aux frappes américaines sur des installations nucléaires

Darknet giant Abacus Market has gone offline due to a likely exit scam, according to TRM Labs

The NCSC’s new Vulnerability Research Institute will help it develop outreach with the external cybersecurity community

North Korean hackers continue attacking open-source software via npm packages. 67 new malicious packages with XORIndex Loader target developers.

Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should…

The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites.

The bipartisan legislation would codify the agency’s position as the one in charge of coordinating responses to incidents like the breach on U.S. telecoms.

UK's National Cyber Security Centre (NCSC) has announced a new Vulnerability Research Initiative (VRI) that aims to strengthen relations with external cybersecurity experts.

DEK: An AI red-teaming company found that xAI’s Grok 4 is “not suitable for enterprises” without substantial security prompting.

The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here.

Hackers have adopted the new technique called 'FileFix' in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems.

Interlock ransomware group deploys PHP-based RAT via FileFix, targeting various industries since May 2025.

🚨 A fake CAPTCHA is all it takes. Interlock ransomware is back—now pushing a stealthy PHP RAT via “FileFix,” a spin on ClickFix that hijacks File Ex

Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com — placing FBI banners on all of the sites.

Announcing the general availability of Microsoft Security Copilot capabilities for IT with Microsoft Intune and Microsoft Entra, offering AI-powered efficiency and enhanced security for your operations.

This week on the Lock and Code podcast, we speak with Anna Brading and Zach Hinkle about whether using AI is damaging for our health.

A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto developer.

Dozens of Gigabyte motherboard models run on UEFI firmware vulnerable to security issues that allow planting bootkit malware that is invisible to the operating system and can survive reinstalls.

Researchers warn that a vulnerability in the file-transfer service could enable remote code execution.

Grok-4 was jailbroken 48 hours post-launch using Echo Chamber and Crescendo attack methods

A vulnerability in Kigen eUICC cards has exposed billions of IoT devices via flawed eSIM profile management